Cyprich.com

Decompiling .NET Applications

Have you ever wondered how a program worked? If your not a programmer then you probably wouldn’t think of such things. A software developer, however, might. They would be interested in knowing how a feature or an entire application functioned in order to duplicate it in their own work.

A program can be examined by decompiling it and then studying it’s source code.

What decompiling does is that it translates a program from it’s native machine language (i.e. CPU instructions) to a format easier to read, such as assembly language.

This seems kind of scary. All of the hard work you put into your award winning application can be copied by someone else. But it’s not as easy as it seems.

For example, have you ever tried reading someone else’s source code? Even with comments and meaningful variables, it’s a challenge. Now try reading code with no comments and cryptic variable names. This is what you typically get after decompiling. Trying to interpret decompiled code is a difficult and time consuming task.

However, a decompiled .NET program is easier to read than a Windows native app. Visual Studio leaves the names of identifiers alone when compiling to an assembly. The result is still difflcult to understand but you can have a good idea what’s going on.

If you want to try decompiling a .NET program, you can download Reflector by Lutz Roeder. Be prepared for the surprise when you see how close the decompiled code is to your source code.

Fortunately, Visual Studio comes with a utility to obfuscate .NET programs, the Dotfuscator Community Edition. It will change the names of identifiers so that they will no longer be meaningful. There are also other commercial applications that will do the same thing.

If you want even more security for your code, a linker can be used. This will turn your .NET app into a native Windows program. The advantage of using a linker is that there won’t be the slow JIT precompile stage due to the app already being compiled.

Even with all of these precautions, your code is still not safe. A determined hacker can still decompile your program and figure out what it does. An obfuscation or linking tool may have them looking elsewhere for easier ways to copy code.